Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

MOD - Client Login with Password/ without Password and without ticket number

zodzod
edited November 2013 in Mods and Customizations
This mod was created because I have clients that move around to different locations and use a generic login at each location. I didn't want them to have to know a particular ticket number to be able to login and check the tickets that are open at each location. I put windows authentication on our server and just deleted the need for a client password or ticket number.

First the work around for ticket number authentication is based on the static function in the class.client.php file getLastTicketIdByEmail($email). This will return a ticket number for authentication without anyone knowing what numbers are out there. Also need to change the view so they see all the open tickets instead of the ticket detail as well as header in login.

OPEN osticket/view.php
FIND:
 if($user && $user->getTicketID()==trim($_GET['t']))
@header('Location: tickets.php?id='.$user->getTicketID());

REPLACE with:
if($user && $user->getTicketID()==trim($_GET['t']))
@header('Location: tickets.php');


open osticket/login.php FIND:
if(($user=Client::login(trim($_POST['lticket']), trim($_POST['lemail']), null, $errors))) {
//XXX: Ticket owner is assumed.
@header('Location: tickets.php?id='.$user->getTicketID());
require_once('tickets.php'); //Just in case of 'header already sent' error.
exit;
} elseif(!$errors['err']) {
$errors['err'] = 'Authentication error - try again!';
}


REPLACE with:
//mod client login begin
if(($user=Client::login(trim(Client::getLastTicketIdByEmail($_POST['lemail'])), trim($_POST['lemail']), null, $errors))) {
//XXX: Ticket owner is assumed.
@header('Location: tickets.php');
require_once('tickets.php'); //Just in case of 'header already sent' error.
exit;
} //MOD client login end
elseif(!$errors['err']) {
$errors['err'] = 'Authentication error - try again!';
}


***NOTE*** if you want to put a password in place change the ticket number variable on the textbox in include/client/login.inc.php to password and wrap the previous code in and if $password =='somepassword' statement. Alternatively you can DELETE the textbox shown in the following code.

OPEN include/client/login.inc.php
FIND:
<div>
<label for=\"ticketno\">Ticket ID:</label>
<input id=\"ticketno\" type=\"text\" name=\"lticket\" size=\"16\" value=\"<?php echo $ticketid; ?>\"></td>
</div>

REPLACE with (or delete previous):

<div>
<label for=\"password\">Password:</label>
<input id=\"password\" type=\"text\" name=\"lpassword\" size=\"16\" value=\"<?php echo $password; ?>\"></td>
</div>


Since my clients use a generic login, I created new distribution groups so people who needed to get ticket updates can receive the emails and be able to login. I don't expect them to remember the distro email for every location so I replaced the textbox where they input an email with a drop down list of all the locations in both the include/client/login.inc.php and include/client/open.inc.php.

OPEN include/client/login.inc.php
FIND:
<div>
<label for=\"email\">E-Mail Address:</label>
<input id=\"email\" type=\"text\" name=\"lemail\" size=\"30\" value=\"<?php echo $email; ?>\">
</div>


REPLACE with:
 <div align=\"right\">
<label for=\"email\" >Location:&nbsp;</label>

<select name=\"lemail\" id=\"email\" value=\"<?php echo $email; ?>\">
<option value=\"\" selected >&mdash; Select Location &mdash;</option>
<option value=\"email@domain.org\" >Location 1</option>
<option value=\"email@domain.org\" >Location 2</option>

</select>
<font class=\"error\">*&nbsp;<?php echo $errors['email']; ?></font>
</div>


OPEN include/client/open.inc.php
FIND:
 <?php
if($thisclient && $thisclient->isValid()) {
echo $thisclient->getName();
} else { ?>
<input id=\"name\" type=\"text\" name=\"name\" size=\"30\" value=\"<?php echo $info['name']; ?>\">
<font class=\"error\">*&nbsp;<?php echo $errors['name']; ?></font>
<?php
} ?>
</td>
</tr>
<tr>
<th class=\"required\" width=\"160\">Email Address:</th>
<td>
<?php
if($thisclient && $thisclient->isValid()) {
echo $thisclient->getEmail();
} else { ?>
<input id=\"email\" type=\"text\" name=\"email\" size=\"30\" value=\"<?php echo $info['email']; ?>\">
<font class=\"error\">*&nbsp;<?php echo $errors['email']; ?></font>
<?php
} ?>


REPLACE with:

<input id=\"name\" type=\"text\" name=\"name\" size=\"30\" value=\"<?php echo $info['name']; ?>\">
<font class=\"error\">*&nbsp;<?php echo $errors['name']; ?></font>

</td>
</tr>
<tr>
<th class=\"required\" width=\"100\">Location:</th>
<td>

<select name=\"email\" id=\"email\" value=\"<?php echo $info['email']; ?>\">
<option value=\"\" selected >&mdash; Select Location &mdash;</option>
<option value=\"email@domain.org\" >Location 1</option>
<option value=\"email@domain.org\" >Location 2</option>


</select>
<font class=\"error\">*&nbsp;<?php echo $errors['email']; ?></font>

Comments

  • edited December 2013
    i get the error, Missing or invalid data - check the errors and try again when i create a new ticket and when i try get the status i get the errorValid email and ticket number required
  • Uploaded files
    osticket_files.zip
    4K
  • zodzod
    edited December 2013
    trying to upload zip again-repost
  • now i get error valid email required, i edit  the email and put my email but i continue get this error
  • zodzod
    edited December 2013
    I think thats the error you get when you have no tickets created yet. You have to have a previous ticket in order to sign in.
  • Seems good and works fine, but how does the password part work? Same password for all the clients? would I be able to make a list of passwords for clients? Would that be really big modification?
  • Well, I'm not the best programmer around, like I said in the beginning you would just wrap the entire login process with and if (password== "something") statement. For security I would figure out how to create and array of passwords in the class.ticket file and hash it so people can't look it up in the html source code.
Sign In or Register to comment.